4 matches found
CVE-2023-1809 Download Manager Pro < 6.3.0 - Unauthenticated Sensitive Information Disclosure
The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files...
CVE-2023-1809
This CVE pertains to the WordPress plugin Download Manager Pro (and its Download Manager) prior to version 6.3.0, where master key information is leaked without authentication, enabling an attacker to download arbitrary password‑protected files. Root cause is unauthenticated exposure of sensitive...
CVE-2023-1809 Download Manager Pro < 6.3.0 - Unauthenticated Sensitive Information Disclosure
The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files...
WordPress Download Manager Plugin 5.0.0-6.2.9 is vulnerable to Sensitive Data Exposure
Software Download Manager Type Plugin Vulnerable versions 5.0.0-6.2.9 Fixed in 6.3.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-1809 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 59ef71547191 Credits Johan Kragt Required...